Findings showed that hackers were able to install a program on payment card processing devices at certain restaurants, food and beverage outlets, spas, entertainment destinations, and managed properties.